(no title)

I jumped the hoop and bought a Ugreen nas with 4 bays where the first thing I did was installing TrueNAS CE onto it and then use ChatGPT with highly customized prompts and the right context (my current docker-compose files).

Without much previous knowledge of docker, networking etc. except what I remembered from my IT vocational education from 15 years ago, I now have:

- Dockerized Apps

- App-Stacks in their own App-Network

- Apps that expose web UI not via ports, but via Traefik + Docker labels

- Only Traefik 443 ports reachable from WAN, plus optional port forwarding for non-http services

- Optional Cloudflare Tunnel

- Automatic Traefik TLS termination for LAN and WAN for my domain

- Split-DNS to get hostnames routed properly on LAN and WAN

- CrowdSec for all exposed containers

- Optional MFA via Cloudflare for exposed services

- Local DHCP/DNS via Technitium

- Automatic ZFS snapshots and remote backups

- Separation between ephemeral App data (DBs, Logs) on SSD and large files on HDD